Add JWT authentication type to MultipleAuthentication #2107
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
3 tasks
Signed-off-by: merlinz01 <[email protected]>
merlinz01
force-pushed
the
add-jwt-multiauth
branch
from
5375372
to
804422a
Compare
Signed-off-by: merlinz01 <[email protected]>
Signed-off-by: merlinz01 <[email protected]>
|
At this point what I am seeing is that the session cookie is being lost (deleted) when the browser requests |
|
The request for The logic here decides that the request needs authenticated. This line is then called, which deletes the auth cookie. I assume this is not the desired behavior, and it seems like it would cause problems even without my changes. Any input? |
Signed-off-by: merlinz01 <[email protected]>
|
OK, I think I fixed the endless loop of the page refreshing with the above commit. |
Signed-off-by: merlinz01 <[email protected]>
merlinz01
requested review from
cwperks,
DarshitChanpura,
derek-ho,
RyanL1997 and
stephen-crawford
as code owners
cwperks
reviewed
Sep 3, 2024
cwperks
reviewed
Sep 3, 2024
cwperks
reviewed
Sep 3, 2024
cwperks
reviewed
Sep 3, 2024
Signed-off-by: merlinz01 <[email protected]>
Signed-off-by: merlinz01 <[email protected]>
Signed-off-by: merlinz01 <[email protected]>
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2107 +/- ##
==========================================
+ Coverage 71.40% 71.46% +0.05%
==========================================
Files 97 97
Lines 2651 2649 -2
Branches 404 411 +7
==========================================
Hits 1893 1893
+ Misses 642 641 -1
+ Partials 116 115 -1 ☔ View full report in Codecov by Sentry. |
cwperks
previously approved these changes
Sep 10, 2024
Signed-off-by: merlinz01 <[email protected]>
cwperks
reviewed
Sep 11, 2024
derek-ho
reviewed
Oct 2, 2024
derek-ho
reviewed
Oct 2, 2024
derek-ho
previously approved these changes
Oct 2, 2024
There was a problem hiding this comment.
Left two minor comments, but otherwise thanks for the contribution @merlinz01 ! We can also get this merged first and follow up, since it has been a while, sorry for the delay in review
Signed-off-by: merlinz01 <[email protected]>
cwperks
previously approved these changes
Oct 4, 2024
Signed-off-by: merlinz01 <[email protected]>
cwperks
previously approved these changes
Oct 4, 2024
cwperks
reviewed
Oct 4, 2024
Signed-off-by: merlinz01 <[email protected]>
|
@merlinz01 Can you check the integTest failure? |
Signed-off-by: merlinz01 <[email protected]>
|
Try it now. |
cwperks
approved these changes
Oct 7, 2024
All CI Checks green now. Thank you @merlinz01. @derek-ho Can you review again? |
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Oct 7, 2024
* Add JWT authentication type to MultipleAuthentication Signed-off-by: merlinz01 <[email protected]> * clarify comments in AuthenticationType.authHandler Signed-off-by: merlinz01 <[email protected]> * collect additional auth headers from all multi-auth handlers Signed-off-by: merlinz01 <[email protected]> * implement MultipleAuthentication.getCookie Signed-off-by: merlinz01 <[email protected]> * Add test for multiauth with JWT Signed-off-by: merlinz01 <[email protected]> * add explanatory comments in login page Signed-off-by: merlinz01 <[email protected]> * remove logging of JWT in test Signed-off-by: merlinz01 <[email protected]> * add check for empty auth options list in login page Signed-off-by: merlinz01 <[email protected]> * Add comments about getCookie method Signed-off-by: merlinz01 <[email protected]> * remove unneeded comment Signed-off-by: merlinz01 <[email protected]> * Don't load sample data in JWT multiauth test Signed-off-by: merlinz01 <[email protected]> * remove sample data code and unneeded promise handling Signed-off-by: merlinz01 <[email protected]> * update test for missing JWT Signed-off-by: merlinz01 <[email protected]> * ensure JWT signing key consistency Signed-off-by: merlinz01 <[email protected]> --------- Signed-off-by: merlinz01 <[email protected]> Co-authored-by: Derek Ho <[email protected]> (cherry picked from commit 252d8fb) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
derek-ho
added a commit
that referenced
this pull request
Oct 7, 2024
* Add JWT authentication type to MultipleAuthentication * clarify comments in AuthenticationType.authHandler * collect additional auth headers from all multi-auth handlers * implement MultipleAuthentication.getCookie * Add test for multiauth with JWT * add explanatory comments in login page * remove logging of JWT in test * add check for empty auth options list in login page * Add comments about getCookie method * remove unneeded comment * Don't load sample data in JWT multiauth test * remove sample data code and unneeded promise handling * update test for missing JWT * ensure JWT signing key consistency --------- (cherry picked from commit 252d8fb) Signed-off-by: merlinz01 <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Derek Ho <[email protected]>
|
Thanks for your assistance! 🎉 🚀 👍 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Allows JWT to be included in a multiple-authentication configuration.
Category
Enhancement
Why these changes are required?
Previously one cannot use basic auth and JWT auth together
What is the old behavior before changes and new behavior after changes?
OSD error when basic auth and JWT auth are configured
Issues Resolved
#1814
Testing
[Please provide details of testing done: unit testing, integration testing and manual testing]
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.